FreeBSD 13.2 released with Netlink and WireGuard support

After 11 months of development, FreeBSD 13.2 has been released. Installation images have been produced for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64 and riscv64 architectures. In addition, builds have been prepared for virtualization systems (QCOW2, VHD, VMDK, raw) and for the Amazon EC2, Google Compute Engine and Vagrant cloud environments.

Key changes:

  • The ability to create snapshots of UFS and FFS file systems with journaling (soft updates) enabled has been implemented. Support has also been added for saving dumps in the background (dump with the "-L" flag) with the contents of mounted UFS file systems while journaling is active. One feature that is not available when journaling is in use is background execution of integrity checks with the fsck utility.
  • The base system now includes a wg driver that works at the kernel level and implements a network interface for the WireGuard VPN. To use the cryptographic algorithms the driver requires, the API of the FreeBSD kernel crypto subsystem has been extended with a wrapper that allows algorithms from the libsodium library that FreeBSD does not support to be used through the standard crypto API. During development, optimization was also carried out to balance the binding of packet encryption and decryption tasks to CPU cores, which reduced the overhead of processing WireGuard packets.

    The previous attempt to include WireGuard in FreeBSD was made in 2020, but it ended in a scandal: the code that had already been added was removed because of its low quality, careless handling of buffers, use of stubs instead of checks, incomplete implementation of the protocol, and violation of the GPL license. The new implementation was prepared jointly by the FreeBSD and WireGuard development teams, with contributions from Jason A. Donenfeld, the author of the WireGuard VPN, and John H. Baldwin, a well-known FreeBSD developer. A full review of the changes was carried out with the support of the FreeBSD Foundation before the new code was accepted.

  • Support for the Netlink communication protocol (RFC 3549), which Linux uses to organize interaction between the kernel and user-space processes, has been implemented. The project is limited to supporting the NETLINK_ROUTE family of operations for managing the state of the kernel's network subsystem. This allows FreeBSD to use the Linux ip utility from the iproute2 package to manage network interfaces, set IP addresses, configure routing, and manipulate the nexthop objects that store the state data used to forward a packet to its destination.
  • All base system executables on 64-bit platforms have Address Space Layout Randomization (ASLR) enabled by default. To opt out of ASLR, you can use the commands "proccontrol -m aslr -s disable" or "elfctl -e +noaslr".
  • In ipfw, radix tables can now be used to look up MAC addresses, which allows you to create tables of MAC addresses and use them to filter traffic. For example:

      ipfw table 1 create type mac
      ipfw table 1 add 11:22:33:44:55:66/48
      ipfw add skipto tablearg src-mac 'table(1)'
      ipfw add deny src-mac 'table(1, 100)'
      ipfw add deny lookup dst-mac 1
  • The kernel modules dpdk_lpm4 and dpdk_lpm6 have been added and can be loaded through loader.conf. They implement the DIR-24-8 route lookup algorithm for IPv4/IPv6, which improves routing performance on hosts with very large routing tables (a speedup of 25% was observed in tests). The standard route utility can be used to configure the modules (the FIB_ALGO option has been added).
  • The ZFS file system implementation has been updated to the OpenZFS 2.1.9 release. The zfskeys startup script automatically loads keys stored in the ZFS file system. A new RC script, zpoolreguid, has been added to assign a GUID to one or more zpools (useful, for example, in environments with shared data).
  • The bhyve hypervisor and the vmm module support more than 15 virtual CPUs in a guest system (configured through sysctl hw.vmm.maxcpu). The bhyve utility implements emulation of the virtio-input device, which can be used to inject keyboard and mouse input events into the guest system.
  • In KTLS, the TLS protocol implementation that runs at the FreeBSD kernel level, support for hardware acceleration of TLS 1.3 has been added by offloading to the network card some of the operations involved in processing incoming encrypted packets. Previously, a similar capability was available for TLS 1.1 and TLS 1.2.
  • In the growfs startup script, when the root file system is expanded, it is now possible to add a swap partition if no such partition existed before (useful, for example, when installing a ready-made system image on an SD card). To control the swap size, a new parameter, growfs_swap_size, has been added to rc.conf.
  • The hostid startup script ensures that a random UUID is generated if the /etc/hostid file is missing and a UUID cannot be obtained from the hardware. The /etc/machine-id file has also been added, with a compact representation of the host identifier (without hyphens).
  • The defaultrouter_fibN and ipv6_defaultrouter_fibN variables have been added to rc.conf; with them you can add default routes to FIB tables other than the primary one.
  • Support for SHA-512/224 hashes has been added to the libmd library.
  • The pthread library supports the function semantics used in Linux.
  • Support for decoding Linux system calls has been added to kdump. Support for Linux-style system call tracing has been added to kdump and sysdecode.
  • The killall utility can now send a signal to the processes attached to a specific terminal (for example, "killall -t pts/1").
  • The nproc utility has been added to show the number of compute units available to the current process.
  • Support for decoding ACS (Access Control Services) parameters has been added to the pciconf utility.
  • The SPLIT_KERNEL_DEBUG setting has been added to the kernel; it allows the debug information for the kernel and for modules to be saved in separate files.
  • The Linux ABI now has nearly complete support for the vDSO (virtual dynamic shared objects) mechanism, which provides a limited set of system calls that are available in user space without a context switch. The Linux ABI on ARM64 systems has been brought to parity with the implementation for the AMD64 architecture.
  • Improved hardware support. Performance monitoring (hwpmc) support has been added for Intel Alder Lake CPUs. The iwlwifi driver for Intel wireless cards has been updated with support for new chips and the 802.11ac standard. The rtw88 driver has been added for Realtek wireless cards with a PCI interface. The capabilities of the linuxkpi layer have been expanded for using Linux drivers in FreeBSD.
  • The OpenSSL library has been updated to version 1.1.1t, LLVM/Clang to version 14.0.5, and the SSH server and client to OpenSSH 9.2p1 (the previous release used OpenSSH 8.8p1). Also updated are bc 6.2.4, expat 2.5.0, file 5.43, less 608, libarchive 3.6.2, sendmail 8.17.1, sqlite 3.40.1, unbound 1.17.1 and zlib 1.2.13.
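
For the ASLR item above, an added example (not code from the article or from the FreeBSD project): a Python check that finds binaries marked with "elfctl -e +noaslr" by reading the ASLR-disable bit in the ELF's FreeBSD feature-control note. It assumes ELF64 little-endian files, and sample_elf is a hypothetical helper that builds a constructed test image.

```python
import struct

PT_NOTE = 4
NT_FREEBSD_FEATURE_CTL = 4          # note type holding the elfctl feature bits
NT_FREEBSD_FCTL_ASLR_DISABLE = 0x1  # bit set by "elfctl -e +noaslr"

def feature_ctl(elf):
    """Feature-control word of an ELF64 little-endian image, or None if absent."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not an ELF64 little-endian image")
    phoff, = struct.unpack_from("<Q", elf, 0x20)
    phentsize, phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(phnum):
        base = phoff + i * phentsize
        if struct.unpack_from("<I", elf, base)[0] != PT_NOTE:
            continue
        pos, = struct.unpack_from("<Q", elf, base + 8)        # p_offset
        end = min(pos + struct.unpack_from("<Q", elf, base + 32)[0], len(elf))
        while pos + 12 <= end:                                 # walk the notes
            namesz, descsz, ntype = struct.unpack_from("<III", elf, pos)
            desc_at = pos + 12 + ((namesz + 3) & ~3)           # 4-byte padding
            nxt = desc_at + ((descsz + 3) & ~3)
            if nxt > end:
                break                                          # malformed note
            name = elf[pos + 12:pos + 12 + namesz]
            if name == b"FreeBSD\0" and ntype == NT_FREEBSD_FEATURE_CTL and descsz >= 4:
                return struct.unpack_from("<I", elf, desc_at)[0]
            pos = nxt
    return None

def aslr_opted_out(elf):
    """True when the binary itself asks the kernel not to randomize it."""
    flags = feature_ctl(elf)
    return flags is not None and bool(flags & NT_FREEBSD_FCTL_ASLR_DISABLE)

def sample_elf(flags):
    """Constructed image: ELF64 header, one PT_NOTE header, one FreeBSD note."""
    note = struct.pack("<III", 8, 4, NT_FREEBSD_FEATURE_CTL) + b"FreeBSD\0" + struct.pack("<I", flags)
    ehdr, phdr = bytearray(64), bytearray(56)
    ehdr[:6] = b"\x7fELF\x02\x01"
    struct.pack_into("<Q", ehdr, 0x20, 64)       # e_phoff
    struct.pack_into("<HH", ehdr, 0x36, 56, 1)   # e_phentsize, e_phnum
    struct.pack_into("<I", phdr, 0, PT_NOTE)     # p_type
    struct.pack_into("<Q", phdr, 8, 120)         # p_offset
    struct.pack_into("<Q", phdr, 32, len(note))  # p_filesz
    return bytes(ehdr + phdr + note)

if __name__ == "__main__":
    print(aslr_opted_out(sample_elf(0x1)), aslr_opted_out(sample_elf(0x0)))
```

"proccontrol -m aslr -s disable" acts on a process at run time and leaves no mark in the file, so a file-based check like this one does not see it.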

In addition, it was announced that, starting with the FreeBSD 14.0 branch, OPIE one-time passwords, the ce and cp drivers, drivers for ISA cards, the mergemaster and minigzip utilities, the ATM components in netgraph (NgATM), the telnetd background process and the VINUM class in geom will be removed.

Source: opennet.ru
